I think that is one of the questions being debated by the Plasma developers. You may have more luck getting a complete answer here:
And this too. I mean, it is not like it is the fine print either. They capitalise the whole paragraph.
You must have heard that old chestnut about how "the weakest security link in the security chain is the user" by now. There is nothing any technology can do if the user decides to install insecure stuff. Even before today, the KDE Store prominently displayed warnings about being careful with the content.
Well, yes: the store does advise caution, as we have little control over themes and widgets uploaded by their parties. The same way we would advise caution about running random software downloaded from the internet. That said, it does say KDE Store, so we should have some degree of control over it for our users' sake. That is what we are working on.
That said part II, we can't do with it the wider communities support. There simply isn't the human resources necessary. The 2 options we have are to close down the store completely (but then people will just go to random GitHub repos and download stuff from there), or try to leverage the community to help us locate and remove (or at least quarantine) dodgy products.
Not malicious. Just buggy -- a downright nasty bug, but a bug.
That is not possible. widgets and Global themes have to be able to execute code to work.
By the way: the code was not malicious, just badly written.
Bugs must be reported to our bug tracker. Please read the sidebar. This thread is now locked.
Report bugs to https//bugs.kde.org, not here. Thread locked.
Report bugs to https//bugs.kde.org, not here. Thread locked.
Correct. The theme creator missed a variable that is not part of the Plasma environment anymore, and instead of running
it run
๐ฌ